Teredo - Tunneling IPv6 through NATs

1
Teredo- Tunneling IPv6 through NATs

• Date 2003-10-31
• Speaker Quincy Wu
• National Chiao Tung University

2
IPv4toIPv6 Transition Strategy (RFC 2893)

• Dual Stack
• Reduce the cost invested in transition by running
  both IPv4/IPv6 protocols on the same machine .
• Tunneling
• Reduce the cost in wiring by re-using current
  IPv4 routing infrastructures as a virtual link.
• Translation
• Allow IPv6 realm to access the rich contents
  already developed on IPv4 applications

3
Tunnels of IPv6 over IPv4
IPv6 Header
Data
IPv6 Host
IPv6 Host
Dual-Stack Router
Dual-Stack Router
Tunnel IPv6 in IPv4 packet
IPv6 Header
IPv4 Header
Data

• Encapsulating the IPv6 packet in an IPv4 packet
• Tunneling can be used by routers and hosts

4
Manually Configured Tunnel
Dual-Stack Host
Dual-Stack Router
IPv4 140.119.209.254 IPv6 200128803a1210
3/127
IPv4 140.113.199.2 IPv6 200128803a12102/
127
FreeBSD4.7 gifconfig gif0 140.119.209.254
140.113.199.2 ifconfig gif0 inet6
200128803a12102 20012883a12103
prefixlen 128
5
6to4 Tunnel (RFC 3056)
6to4 Router2
6to4 Router1
E0
E0
140.119.209.254
140.113.199.250
Network prefix 20028C77D1FE/48
Network prefix 20028C71C7FA/48


router2 interface Ethernet0 ip address
140.113.199.250 255.255.255.0 ipv6 address
20028C71C7FA1/64 eui-64 interface Tunnel0
no ip address ipv6 unnumbered Ethernet0 tunnel
source Ethernet0 tunnel mode ipv6ip 6to4 ipv6
route 2002/16 Tunnel0

• 6to4 Tunnel
• Is an automatic tunnel method
• Gives a prefix to the attached IPv6 network
• 2002/16 assigned to 6to4
• Requires one global IPv4 address on each site

6
6to4 Tunnel
20028C77D1FE25
6to4 Router2
6to4 Router1
20028C71830113
E0
E0
140.113.131.1
140.119.209.250
Network prefix 20028C718301/48
Network prefix 20028C77D1FE/48
IPv4 SRC 140.113.131.1
IPv4 DEST 140.113.119.250
IPv6 SRC 20028C71830113
IPv6 SRC 20028C71830113
IPv6 SRC 20028C71830113
IPv6 DEST 20028C77D1FE25
IPv6 DEST 20028C77D1FE5
IPv6 DEST 20028C77D1FE25
Data
Data
Data
7
IPv6 Tunneling Problem (1/2)
20028C77D1FE25
2002A00113
6to4 Router
6to4 Router
2
3
4
1
D
A
E0
E0
C
B
NAT
140.119.209.250
10.0.0.1
Network prefix 20028C77D1FE/48
140.113.131.2
Network prefix 2002A001/48
IPv4 SRC 10.0.0.1
IPv4 SRC 140.113.131.2
IPv4 DEST 140.119.209.250
IPv4 DEST 140.119.209.250
IPv6 SRC 2002A00113
IPv6 SRC 2002A00113
IPv6 SRC 2002A00113
IPv6 SRC 2002A00113
IPv6 DEST 20028C77D1FE25
IPv6 DEST 20028C77D1FE25
IPv6 DEST 20028C77D1FE25
IPv6 DEST 20028C77D1FE25
Data
Data
Data
Data
8
IPv6 Tunneling Problem (2/2)
20028C77D1FE25
2002A00113
6to4 Router
6to4 Router
D
A
E0
E0
C
B
?
6
NAT
5
140.119.209.250
10.0.0.1
Network prefix 20028C77D1FE/48
140.113.131.2
Network prefix 2002A001/48
IPv4 SRC 140.119.209.250
Destination is Private Address!
IPv4 DEST 10.0.0.1
IPv6 SRC 20028C77D1Fe25
IPv6 SRC 20028C77D1Fe25
IPv6 DEST 2002A00113
IPv6 DEST 2002A00113
Data
Data
9
Teredo Service

• Allow hosts behind NAT to access IPv6 without
  modifying NAT. It contains three basic
  components
• Teredo Client
• A node wants to gain access to the IPv6 Internet.
• Teredo Server
• helper to provide IPv6 connectivity to Teredo
  clients.
• Teredo Relay
• An IPv6 router that can receive traffic from IPv6
  realm to Teredo clients and vice versa.

10
Teredo Operation Model

• Teredo Client gets its Teredo IPv6 address from
  Teredo Server.
• Use Teredo Relay as Relay router.

Teredo Server
Teredo Client
IPv6 Host
NAT
Teredo address?
Your Teredo address.
Teredo Relay
Teredo IPv6 Tunnel
IPv4 Header UDP Header Teredo Header IPv6 packet
11
Teredo Address Encoding
Teredo Prefix Teredo Server IPv4 Flags Obscured Teredo Client External Port Obscured Teredo Client External IPv4
32bits
32bits
32bits
16bits
16bits

• Teredo Prefix 32 bit Teredo service prefix.
• 3FFE831F/32
• Teredo Server IPv4 IPv4 address of the Teredo
  server.
• Flags 16 bits that document type of address and
  NAT.
• Bit pattern C00000UG00000000
• C1 if NAT is cone.
• UG should set to 00.
• Obscured Teredo Client External Port mapped UDP
  port of the client
• Obscured Teredo Client External IPv4 mapped IPv4
  address of the client

Obfuscated XOR every bits in the field with 1,
prevent over-genius NATs translation.
12
Teredo Tunnel To host behind NAT
3FFE831F8C718337F227738E7CFE
140.113.131.55
2001238F881317
Teredo Server
NAT
3
2
Teredo Client
140.113.131.1
Teredo Relay
1
140.113.131.73
IPv4 SRC
140.113.131.3
IPv4 SRC
140.113.131.73
IPv4 DEST 10.0.0.1
IPv4 DEST 140.113.131.1
UDP SRC 3544
UDP SRC 3544
IPv6 SRC 2001238F881317
UDP DEST 3544
UDP DEST 54392
IPv6 DEST 3FFE831F8C718337F227738E7CFE
IPv6 SRC 2001238F881317
IPv6 SRC 2001238F881317
IPv6 DEST 3FFE831F8C718337F227738E7CFE
Data
IPv6 DEST 3FFE831F8C718337F227738E7CFE
Data
Data
13
Trial of Teredo in NCTU
Teredo Client
IPv4 Network
DNS
Teredo Client
NAT
Teredo Server
NAT
Teredo Client
Teredo Relay
14
Protocol Decoder in Ethereal
140.113.131.74
15
Conclusion

• Many users get private IPv4 address from their
  service providers, such as WLAN and GPRS. These
  users are unable to create IPv6 tunnels.
• Before all NAT devices can be upgraded to support
  IPv6, Teredo service is useful for ISPs to
  provide IPv6 access to their users behind NAT.